ALT-PU-2015-1469-1
Closed vulnerabilities
Published: 2015-05-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-3622
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate.
Severity: MEDIUM (4.3)
References:
- FEDORA-2015-7288
- FEDORA-2015-7288
- openSUSE-SU-2015:1372
- openSUSE-SU-2015:1372
- openSUSE-SU-2016:1567
- openSUSE-SU-2016:1567
- openSUSE-SU-2016:1674
- openSUSE-SU-2016:1674
- http://packetstormsecurity.com/files/131711/libtasn1-Heap-Overflow.html
- http://packetstormsecurity.com/files/131711/libtasn1-Heap-Overflow.html
- 20150430 Heap overflow / invalid read in Libtasn1 before 4.5 (TFPA 005/2015)
- 20150430 Heap overflow / invalid read in Libtasn1 before 4.5 (TFPA 005/2015)
- DSA-3256
- DSA-3256
- MDVSA-2015:232
- MDVSA-2015:232
- 74419
- 74419
- 1032246
- 1032246
- USN-2604-1
- USN-2604-1
- RHSA-2017:1860
- RHSA-2017:1860
- [help-libtasn1] 20150429 GNU Libtasn1 4.5 released
- [help-libtasn1] 20150429 GNU Libtasn1 4.5 released
- GLSA-201509-04
- GLSA-201509-04